HIPAA
Background:
In
1996, Congress enacted the Health Insurance Portability and Accountability
Act (HIPAA). The legislative goals of HIPAA were to mandate the
industry to implement procedures to reduce the administrative
costs of healthcare, develop standard transactions for consistency
in the industry, promote security and confidentiality of patient
records and to provide incentive for the healthcare industry to
use electronic communications to make patient records available
no matter where the patient was being treated - a process that
takes days with manual records - and particularly useful in emergencies.
All health care providers, insurance providers, health care clearinghouses
or health plans that electronically maintains or transmits health
information pertaining to an individual must comply with HIPAA
regulations. Failure to comply with the Act's requirements originally
had some burdensome penalties for disclosure of any element of
medical information to sources without need, such as a clerk inadvertently
faxing some record to the wrong fax number, would have had both
financial and incarceration involved. These penalties have been
reduced by interpretation by the Secretary of HHS, who was chartered
by the Act to develop the compliance guidelines. The Act, as passed
by Congress, set 1998 as the start date for compliance, but the
pace with which the Federal Bureaucracy operates has delayed the
start date to 2005. All in the healthcare industry are now preparing
to comply with the Act.
HIPAA
requires those in the healthcare industry to have an off-site,
encrypted, electronic data backup and a contingency plan to meet
the mandated Administrative Procedures in the Act. Every practitioner,
be they doctor, clinic, hospital, testing lab, surgery center,
or any of the other organizations that provide services to individuals
and store patient medical records, must backup to a secure, encrypted
(for privacy) off-site location each day. By working with DataStash,
a healthcare industry participant will be in compliance with these
provisions of HIPAA. Services that can support specific areas
of contingency planning and compliance, include:
a.
Off-site, encrypted Data Backup
b. Contingency Planning
c. Disaster Recovery
d. Emergency Operations
e. Privacy
DataStash can assure the practitioner that the stored data is
encrypted for privacy and can ease ones compliance with the Act
by insuring that the practitioner has a secure data backup solution,
automatic backups for data storage and recovery plans.
